Cybercriminals have recently launched yet another massive spam campaign impersonating the BBB (Better Business Bureau), a rather popular brand used in a decent percentage of social-engineering-driven email campaigns.

Once users click on any of the links in the malicious emails, they’re automatically exposed to the client-side exploits served by the Black Hole Exploit kit.

More details:

Sample screenshot of the spamvertised email:

Sample compromised URLs used in the campaign:

hxxp://favemobile.com/wp-content/plugins/zxchhxeoige/betterbusinessrp.html
hxxp://gaming-blogger.com/wp-content/plugins/zokkbualhxe/betterbusinessrp.html
hxxp://gofastco.com/wp-content/plugins/zaoouodkpnx/betterbusinessrp.html
hxxp://williamusmanjr.com/wp-content/plugins/zpihwsvwaeo/betterbusinessrp.html
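The sample URLs above share one path shape (a lowercase-letter directory under wp-content/plugins/ serving betterbusinessrp.html), which can be matched in web proxy logs. The following is an added example, not part of the original post; the log format, the `.test` hostnames, the timestamps and the loosened directory-length range are assumptions.

```python
import re
from urllib.parse import urlsplit

# Pattern inferred from the four sample URLs on this page (an assumption, not
# a vendor signature). All four samples use an 11-letter directory; the range
# is loosened here in case other directory lengths were used.
LANDING_RE = re.compile(r"^/wp-content/plugins/([a-z]{8,16})/betterbusinessrp\.html$")

def refang(url):
    """Turn a defanged hxxp:// URL back into a parseable http:// URL."""
    return re.sub(r"^hxxp", "http", url.strip(), flags=re.IGNORECASE)

def match_landing(url):
    """Return (host, plugin_dir) if the URL fits the campaign pattern, else None."""
    parts = urlsplit(refang(url))
    m = LANDING_RE.match(parts.path)
    if parts.scheme not in ("http", "https") or not m:
        return None
    return parts.hostname, m.group(1)

def scan_proxy_log(lines):
    """Yield (client_ip, host, plugin_dir) for each log line with a matching URL.

    Assumed log format (constructed for this example):
    <timestamp> <client_ip> <method> <url> <status>
    """
    for line in lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # skip malformed lines rather than guessing at fields
        hit = match_landing(fields[3])
        if hit:
            yield (fields[1],) + hit

# Constructed sample log lines; hosts use the reserved .test TLD.
SAMPLE_LOG = [
    "2012-01-01T10:00:00Z 10.0.0.5 GET http://blog.example.test/wp-content/plugins/zqwertyuiop/betterbusinessrp.html 200",
    "2012-01-01T10:00:02Z 10.0.0.6 GET http://shop.example.test/wp-content/plugins/akismet/readme.html 200",
    "2012-01-01T10:00:03Z 10.0.0.7 GET hxxp://news.example.test/wp-content/plugins/zabcdefghij/betterbusinessrp.html 302",
    "truncated line",
]

if __name__ == "__main__":
    for client, host, plugin_dir in scan_proxy_log(SAMPLE_LOG):
        print(f"{client} requested campaign landing page on {host} (dir {plugin_dir})")
```

Clients that appear in the output are candidates for follow-up, since the landing page redirects to client-side exploits; the same regular expression can be run over a web server's own access logs to spot a compromised WordPress install.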

Responding to 59.57.247.185 are also the following malicious domains, part of the campaign’s infrastructure: